ABSTRACT: In the current Internet architecture, traffic is commonly routed to its destination using DNS names that are mapped to IP addresses, yet there are no inherent means for receivers to attribute sources of traffic to senders or for receivers to authorize senders. These deficiencies leave the Internet and its connected hosts vulnerable to a wide range of attacks, including denial-of-service and misrepresentation (spoofing, phishing, etc.), which continue to cause material damage. This work proposes a mechanism to combat these vulnerabilities by introducing attribution and authorization into the network, using a transient addressing scheme to establish attribution through DNS, establish authorization at the host, and enforce authorization and attribution in the network. In this work, I developed and characterized a system for effecting in-network enforcement at the router, and I demonstrate that enforcement is possible on current commodity hardware at sustained throughput rates well above common Internet connection rates. The current Internet architecture allows hosts to send arbitrary IP packets across a network, which may not carry valid source address information. IP spoofing and denial-of-service attacks are ubiquitous, and filtering techniques are not sufficient to counter them. The proposed Internet design calls for in-network authentication of addresses and attribution of the traffic they generate: in this architecture the destination can only be reached through a valid capability. The aim of this dissertation is to implement the Evasive Internet Protocol for the end hosts and measure its preliminary performance as compared to current Internet protocols.
KEYWORDS: DNS, Spoofing, Evasive Internet Protocol.
IJFRCSCE | January 2018, Available @ http://www.ijfrcsce.org
International Journal on Future Revolution in Computer Science & Communication Engineering ISSN: 2454-4248
Volume: 4 Issue: 1 180 – 186
Security and Feasibility Domain
Given the tussle space between security, openness and privacy, the aim of EIP is to empower the Internet end points to impose their own policies in this regard. Furthermore, the design strives for a minimal change in the current Internet architecture that would allow this empowerment. The design itself is not a new overarching architecture for the Internet; rather it
Although the architecture relies on capabilities to reach a host, IP addresses would still be used by the existing routing protocols for forwarding-table indexing and route computation. Thus the properties of routing protocols (for example BGP) can still be retained, and the scalability properties related to the topological information embedded in an IP address are also retained.
Although IP addresses are used for route computation and forwarding tables, the host IP address in the EIP architecture cannot be used to communicate with the host. A compliant router will not forward a packet that has an invalid destination capability. This EIP address, which in effect becomes a transient destination address, is referred to by the authors as the T-address.
As far as privacy is concerned, EIP itself does not undermine it. Since EIP uses the IP address to identify communicating parties, it can be said that the privacy of a user remains the same as it is in today's Internet.
Some of the security benefits that can be obtained by introducing EIP:
Currently, anti-spoofing techniques rely mostly on ingress address filtering [6], but their effectiveness is reduced by concepts like multi-homing, where a user can have an IP address from one ISP and use another ISP's connection to reach the Internet; in such a case ingress filtering often drops the packet, since the source IP of the packet and the network from which it originates differ. Spoofing-based attacks continue to occur and exert damage. These attacks include the old SYN-flood attacks and other DDoS attacks. Although specific mechanisms have been proposed to counter some of these attacks, the root of all of them, i.e. IP forging, still exists.
The notion of capability gives recipients control over incoming flows, because each host can implement fine-grained capability-issuing policies for particular external destinations. These policies can reflect various trade-off decisions between security and openness. At the extreme, a host can allow incoming traffic only from a known set of destinations, and EIP will prevent other destinations from forging their IP addresses to bypass this policy. Short of this extreme, the recipient's control allows a recipient to dynamically adjust the validity constraints granted to various external destinations based on their prior behavior.

The interconnected computers that do the job are known as networking. There is considerable confusion in the literature between a computer network and a distributed system. The key distinction is that in a distributed system a collection of independent computers appears to its users as a single coherent system.
Depending upon the physical setup and the configuration, networks can be classified as follows:
Local Area Network
Metropolitan Area Network
Wide Area Network

Local Area Network
Local area networks, generally called LANs, are privately-owned networks within a single building or campus of up to a few kilometers in size. They are widely used to connect PCs and workstations in company offices and factories to share resources and exchange information.

Metropolitan Area Network
A metropolitan area network or MAN covers a city. The best known example of a MAN is the cable television network available in many cities; this system grew from earlier community antenna systems used in areas with poor over-the-air television reception.

Wide Area Network
A wide area network or WAN spans a large geographical area, often a country or continent. It contains a collection of machines intended for running user (i.e., application) programs. We will follow traditional usage and call these machines hosts. The hosts are connected by a communication subnet, or just subnet for short.

TYPES OF COMMUNICATION OVER INTERNET
Computers on the Internet communicate with each other using either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), as in this diagram.
Fig: 2.1 OSI LAYERS
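The capability enforcement at the router and the multi-homing weakness of ingress filtering described in the Security and Feasibility Domain section, modelled as an added Python example (not the paper's code or the EIP implementation); the capability-table layout, the T-address strings, lifetimes and all addresses are constructed assumptions of this example:

```python
import ipaddress

# Added example (not the paper's code): a receiver issues capabilities keyed by
# a transient destination address (T-address); a compliant router forwards a
# packet only if its destination T-address maps to a valid, unexpired
# capability whose authorized source prefix covers the packet's source.

class CapabilityTable:
    """Capabilities issued by one receiving host, indexed by T-address (constructed format)."""

    def __init__(self, host_ip):
        self.host_ip = host_ip
        self.caps = {}  # t_address -> {"src": ip_network, "expires": epoch seconds}

    def issue(self, t_address, src_prefix, lifetime, now):
        """Let src_prefix reach this host via t_address for `lifetime` seconds."""
        self.caps[t_address] = {"src": ipaddress.ip_network(src_prefix),
                                "expires": now + lifetime}

    def adjust(self, t_address, new_lifetime, now):
        """Recipient-side policy knob: re-scope validity based on prior behaviour."""
        if t_address in self.caps:
            self.caps[t_address]["expires"] = now + new_lifetime

def router_forward(pkt, table, now):
    """Decision of a compliant EIP router for pkt = {"src": ip, "dst": t_address}."""
    cap = table.caps.get(pkt["dst"])
    if cap is None:
        return "drop: unknown capability"
    if now > cap["expires"]:
        return "drop: capability expired"
    if ipaddress.ip_address(pkt["src"]) not in cap["src"]:
        return "drop: source not authorized for this capability"
    return f"forward to {table.host_ip}"

def ingress_filter(pkt, ingress_prefix):
    """Classic ingress filtering [6]: accept only sources inside the ISP's own prefix."""
    return ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(ingress_prefix)

def demo():
    """Walk through the cases the text describes; returns each decision by name."""
    now = 1000
    table = CapabilityTable("203.0.113.10")            # constructed receiver address
    table.issue("T-7f3a", "198.51.100.0/24", 60, now)  # constructed T-address, sender prefix
    legit = {"src": "198.51.100.5", "dst": "T-7f3a"}
    spoof = {"src": "192.0.2.9", "dst": "T-7f3a"}      # forged source reusing a known T-address
    blind = {"src": "198.51.100.5", "dst": "T-0000"}   # no capability ever issued for this
    results = {
        "legit": router_forward(legit, table, now + 10),
        "spoofed_src": router_forward(spoof, table, now + 10),
        "no_capability": router_forward(blind, table, now + 10),
        "expired": router_forward(legit, table, now + 120),
        # Multi-homed user: address from ISP A (198.51.100.0/24) exiting via ISP B.
        "ingress_multihomed": ingress_filter(legit, "192.0.2.0/24"),
    }
    table.adjust("T-7f3a", 5, now + 10)  # misbehaviour observed: shrink the validity window
    results["after_adjust"] = router_forward(legit, table, now + 30)
    return results
```

The `ingress_multihomed` case is the false positive the text describes: the legitimate multi-homed sender is dropped by prefix-based ingress filtering, whereas the capability check keys only on what the receiver itself authorized.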
TCP
When two applications want to communicate with each other reliably, they establish a connection and send data back and forth over that connection. This is analogous to making a telephone call. If you want to speak to Aunt Beatrice in Kentucky, a connection is established when you dial her phone number and she answers. You send data back and forth over the connection by speaking to one another over the phone lines. Like the phone company, TCP guarantees that data sent from one end of the connection actually gets to the other end, and in the same order it was sent. Otherwise, an error is reported. TCP provides a point-to-point channel for applications that require reliable communications.
The Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Telnet are all examples of applications that require a reliable communication channel. The order in which the data is sent and received over the network is critical to the success of these applications. When HTTP is used to read from a URL, the data must be received in the order in which it was sent.

UDP
The UDP protocol provides for communication that is not guaranteed between two applications on the network. UDP is not connection-based like TCP. Rather, it sends independent packets of data, called datagrams, from one application to another. Sending datagrams is much like sending a letter through the postal service: the order of delivery is not important and is not guaranteed, and each message is independent of any other. For many applications, the guarantee of reliability is critical to the success of the transfer of information from one end of the connection to the other.

ROUTING
Routing is the act of moving information across an internetwork from a source to a destination. Along the way, at least one intermediate node typically is encountered. Routing is often contrasted with bridging, which might seem to accomplish precisely the same thing to the casual observer. Only recently has large-scale internetworking become popular.

3. EXISTING SYSTEM
In the current Internet architecture, traffic is commonly routed to its destination using DNS names that are mapped to IP addresses, yet there are no inherent means for receivers to attribute sources of traffic to senders or for receivers to authorize senders. These deficiencies leave the Internet and its connected hosts vulnerable to a wide range of attacks, including denial-of-service and misrepresentation (spoofing, phishing, etc.), which continue to cause material damage. This work proposes a mechanism to combat these vulnerabilities by introducing attribution and authorization into the network, using a transient addressing scheme to establish attribution through DNS, establish authorization at the host, and enforce authorization and attribution in the network.

Drawbacks of Existing System
Denial of service attacks against network infrastructures and Web sites have become routine.
Computer break-ins and hijacking are widespread.
Identity theft through phishing or break-ins is on the rise.
Spam has already changed the social norms of using email, reflecting the new assumption that legitimate mail might never be read by the recipient due to being entangled in spam filters.
Fig: 5.1 Destination/Next Hop Associations Determine the Data's Optimal Path
Routing tables also can contain other information, such as data about the desirability of a path. Routers compare metrics to determine optimal routes, and these metrics differ depending on the design of the routing algorithm used.

SWITCHING
Switching is defined as routing each packet independently of all others and allocating transmission resources as needed. The principal goals of switching are to optimize utilization of available link capacity and to increase the robustness of communication. There are two types of switching techniques available; they are:
Circuit Switching

PHYSICAL NETWORK
A network is defined as two or more computing devices connected together for sharing resources efficiently. Further, connecting two or more networks together is known as internetworking. Thus, the Internet is just an internetwork – a collection of interconnected networks. For setting up its internal network, an organization has various options.

WIRED AND WIRELESS NETWORKS
In a wired network, devices are connected to each other using cables. Typically, wired networks are based on the Ethernet protocol, where devices are connected using Unshielded Twisted Pair (UTP) cables to the different switches. These switches are further connected to the network router for accessing the Internet. In a wireless network, the device is connected to an access point through radio transmissions. The access points are further connected through cables to a switch/router for external network access.

VULNERABILITIES & ATTACKS
The common vulnerability that exists in both wired and wireless networks is "unauthorized access" to a
network. An attacker can connect his device to a network through an unsecured hub/switch port. In this regard, wireless networks are considered less secure than wired networks, because a wireless network can be accessed without any physical connection. After gaining access, an attacker can exploit this vulnerability to launch attacks such as:
Sniffing the packet data to steal valuable information.
Denial of service to legitimate users on a network by flooding the network medium with spurious packets.
Spoofing physical identities (MAC) of legitimate hosts and then stealing data or further launching a "man-in-the-middle" attack.

NETWORK PROTOCOL
A network protocol is a set of rules that govern communications between devices connected on a network. They include mechanisms for making connections, as well as formatting rules for data packaging for messages sent and received. Several computer network protocols have been developed, each designed for specific purposes. The popular and widely used protocols are TCP/IP with its associated higher- and lower-level protocols.

DNS PROTOCOL
The Domain Name System (DNS) is used to resolve host domain names to IP addresses. Network users depend on DNS functionality mainly while browsing the Internet by typing a URL in the web browser. In an attack on DNS, an attacker's aim is to modify a legitimate DNS record so that it gets resolved to an incorrect IP address; this can direct all traffic for that IP to the wrong computer. An attacker can either exploit a DNS protocol vulnerability or compromise the DNS server to materialize an attack. DNS cache poisoning is an attack exploiting a vulnerability found in the DNS protocol

ICMP PROTOCOL
Internet Control Management Protocol (ICMP) is a basic network management protocol of TCP/IP networks. It is used to send error and control messages regarding the status of networked devices. ICMP is an integral part of the IP network implementation and thus is present in every network setup. ICMP has its own vulnerabilities and can be abused to launch an attack on a network.
The common attacks that can occur on a network due to ICMP vulnerabilities are:
ICMP allows an attacker to carry out network reconnaissance to determine network topology and paths into the network. An ICMP sweep involves discovering all host IP addresses which are alive in the entire target's network.
Traceroute is a popular ICMP utility that is used to map the target network by describing the path in real time from the client to the remote host.

GOALS OF NETWORK SECURITY
As discussed in earlier sections, there exist a large number of vulnerabilities in the network. Thus, during transmission, data is highly vulnerable to attacks. An attacker can target the communication channel, obtain the data, and read it or re-insert a false message to achieve his nefarious aims.
Network security is not only concerned with the security of the computers at each end of the communication chain; it aims to ensure that the entire network is secure.
Confidentiality
Integrity
Availability

NETWORK SIMULATOR-2
After setting up the platform, software named ns2 was set up on it, which was used for all the analysis and simulation work apart from other tools used. Ns2 is the de facto standard for network simulation. Its behavior is highly trusted within the networking community. It is developed at ISI, California, and is supported by DARPA and NSF. Ns2 is an object-oriented simulator, written in C++, with an OTcl interpreter as a frontend. This means that most of the simulation scripts are created in Tcl. If components have to be developed for ns2, then both Tcl and C++ have to be used. Ns2 uses two languages because any network simulator, in general, has two different kinds of things it needs to do. On the one hand, detailed simulations of protocols require a systems programming language which can efficiently manipulate bytes and packet headers, and implement algorithms that run over large data sets.

WIRED VS WIRELESS NETWORKS
The different types of networks available today are wired and wireless networks. Wired networks are differentiated from wireless as being wired from point to point.

WIRED NETWORKS
These networks are generally connected with the help of wires and cables. Generally the cables used in this type of network are CAT5 or CAT6 cables. The connection is usually established with the help of physical devices like switches and hubs in between to increase the strength of the connection.
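The ICMP sweep named in the ICMP PROTOCOL section, seen from the defender's side: an added Python example (not from the paper) that flags any source sending ICMP echo requests to many distinct hosts within a short window, which is the signature a sweep leaves in flow records. The flow-record tuples, addresses and thresholds are constructed assumptions of this example.

```python
from collections import defaultdict

# Constructed flow records (added example, not the paper's data), shaped like a
# NetFlow-style export: (timestamp, src, dst, proto, icmp_type). 10.0.0.5 sweeps
# ten hosts in ten seconds; 10.0.0.7 is a monitor pinging one host repeatedly;
# 10.0.0.9 touches five hosts but spread two minutes apart.
SAMPLE_FLOWS = (
    [(1000 + i, "10.0.0.5", f"10.0.1.{i + 1}", "icmp", 8) for i in range(10)]
    + [(2000 + 30 * i, "10.0.0.7", "10.0.1.1", "icmp", 8) for i in range(3)]
    + [(3000 + 120 * i, "10.0.0.9", f"10.0.1.{i + 1}", "icmp", 8) for i in range(5)]
    + [(1005, "10.0.0.5", "10.0.1.99", "tcp", None)]  # non-ICMP traffic is ignored
)


def detect_icmp_sweeps(flows, min_hosts=5, window=60):
    """Flag sources that send ICMP echo requests (type 8) to at least `min_hosts`
    distinct destinations within any `window`-second span.
    Returns {src: {"first_seen": ts, "hosts": max distinct hosts in one window}}."""
    echo = defaultdict(list)
    for ts, src, dst, proto, icmp_type in flows:
        if proto == "icmp" and icmp_type == 8:
            echo[src].append((ts, dst))

    alerts = {}
    for src, events in echo.items():
        events.sort()
        in_window = defaultdict(int)  # dst -> echo requests currently inside the window
        left = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Slide the window forward: evict events older than `window` seconds.
            while events[left][0] < ts - window:
                old_dst = events[left][1]
                in_window[old_dst] -= 1
                if in_window[old_dst] == 0:
                    del in_window[old_dst]
                left += 1
            if len(in_window) >= min_hosts:
                alert = alerts.setdefault(src, {"first_seen": events[left][0], "hosts": 0})
                alert["hosts"] = max(alert["hosts"], len(in_window))
    return alerts
```

Tune `min_hosts` and `window` to the site's normal ping/monitoring load; the slow scan by 10.0.0.9 only surfaces once the window is widened, which is the usual trade-off between sweep detection and false positives from legitimate monitors.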
ADVANTAGES
Physical, fixed wired connections are not prone to interference and fluctuations in available bandwidth, which can affect some wireless networking connections.

DISADVANTAGES
Expensive to maintain the network due to the many cables between computer systems, and if a failure in the cables occurs then it will be very hard to replace that particular cable, as it involves more and more costs.

WIRELESS NETWORKS
Wireless networks use some sort of radio frequencies in the air to transmit and receive data instead of using physical cables. The most admired fact about these networks is that they eliminate the need for laying out expensive cables and the associated maintenance costs.

ADVANTAGES
Mobile users are provided with access to real-time information even when they are away from their home or office.
Setting up a wireless system is easy and fast, and it eliminates the need for pulling cables through walls and ceilings.

DISADVANTAGES
Interference due to weather, other radio frequency devices, or obstructions like walls.
The total throughput is affected when multiple connections exist.

Intel argue that advances in implementations of cryptographic algorithms allow general-purpose processors to support ubiquitous use of transport-layer security (TLS). The Tcpcrypt approach uses the observation regarding advances in cryptographic processing speeds to suggest a backward-compatible means for encrypting all TCP traffic at the end hosts. In Privacy-Preserving Network Forensics, the authors present a system called Clue which uses on-line group signatures to add device-level identification to outbound packets, such that the packets can be identified later with the cooperation of the key-issuing entity. NS-2 is a packet-level simulator and essentially a centric discrete event scheduler that schedules events such as packet and timer expiration. A centric event scheduler cannot accurately emulate "events handled at the same time" in the real world; that is, events are handled one by one. Beyond the event scheduler, ns-2 implements a variety of network components and protocols. Notably, the wireless extension, derived from the CMU Monarch Project, has two assumptions simplifying the physical world. This assumption holds only for mobile nodes of high rate and low speed.